February 2021 Patch Tuesday: Microsoft and Adobe fix exploited zero-days
On this February 2021 Patch Tuesday: Adobe has fixed a Reader flaw used in limited attacks, as well as delivered security updates for a variety of products, including Acrobat …
Actively exploited SonicWall zero-day affects SMA 100 series appliances
SonicWall has confirmed that the actively exploited zero-day vulnerability spotted by the NCC Group on Sunday affects its Secure Mobile Access (SMA) 100 series appliances. …
Apple fixes three actively exploited iOS zero-days
Apple has release a new batch of security updates and has fixed three iOS zero-days that “may have been actively exploited” by attackers. The three zero-days Two …
SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products?
On Friday evening, SonicWall announced that it “identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable …
Google fixes two actively exploited Chrome zero-days (CVE-2020-16009, CVE-2020-16010)
For the third time in two weeks, Google has patched Chrome zero-day vulnerabilities that are being actively exploited in the wild: CVE-2020-16009 is present in the desktop …
Google discloses actively exploited Windows zero-day (CVE-2020-17087)
Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw …
Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers
A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. …
Exploits for vBulletin zero-day released, attacks are ongoing
The fix for CVE-2019-16759, a remote code execution vulnerability in vBulletin that was patched in September 2019, is incomplete, security researcher Amir Etemadieh has …
Researchers flag two zero-days in Windows Print Spooler
In May 2020, Microsoft patched CVE-2020-1048, a privilege escalation vulnerability in the Windows Print Spooler service discovered by Peleg Hadar and Tomer Bar from SafeBreach …
Zoom zero-day flaw allows code execution on victim’s Windows machine
A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim’s computer. The attack doesn’t trigger a …
Attackers exploiting a zero-day in Sophos firewalls, have yours been hit?
Sophos has released an emergency hotfix for an actively exploited zero-day SQL injection vulnerability in its XG Firewalls, and has rolled it out to all units with the …
Two critical Firefox vulnerabilities exploited by attackers, patch now!
Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers.